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REMARKS 

Applicants appreciate the detailed examination evidenced by the Final Office Action 
mailed August 4, 2005 (hereinafter "Final Action"). However, Applicants respectfully 
request that the Examiner reconsider the rejections of Claims 1-32 over the cited references 
for at least the reasons discussed below. 

Independent Claims 1 ,26-28. 31 and 32 Are Patentable Over Brezak and Ganesan 

Independent Claims 1, 26-28, 31, and 32 stand rejected under 35 U.S.C. § 103(a) as 
obvious over U.S. Patent Application Publication No. 2003/0018913 to Brezak et al. 
(hereinafter "Brezak") in view of U.S. Patent 5,535,276 to Ganesan (hereinafter "Ganesan"). 
Claim 1 recites: 

A method for a middle-tier server to impersonate a client to a plurality of 
servers, the method comprising: 

obtaining a common nonce associated with each of the plurality of servers 
from an entity other than the client or the plurality of servers; 

providing the common nonce to the client; 

receiving the common nonce signed by the client at the middle-tier server; and 
providing the signed common nonce as a signature for transactions from the 

client to the plurality of servers so as to authenticate the client to the plurality of 

servers . {Emphasis added). 

The Final Action asserts that Brezak discloses all of the recitations of Claim 1 with 
the exception of "the client signing the common nonce (service ticket)", which the Final 
Action asserts is disclosed by Ganesan. See Final Action, Page 2, line 21 to Page 3, line 4. 
As such, the Final Action appears to assert that the service ticket of Brezak is equivalent to "a 
common nonce associated with each of the plurality of servers", as recited by Claim 1 . See 
Final Action, Page 2, lines 21 to24. Applicants respectfully disagree. 

Brezak appears to be directed to controlling delegation of authentication credentials, 
such as a client's ticket granting ticket (TGT), by providing a service ticket including a 
"forwardable flag" that indicates that the client has authorized the delegation. See Brezak, 
Paragraph 0046. More particularly, as described in the cited portions of Brezak, "[w]hen 
client 202 wants to access server A 210, the client sends a ticket granting service request 
(TGS_REQ) message 224 to authentication service 206, which returns a ticket granting 
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service reply (TGS_REP) message 226. TGSREP message 226 includes a service ticket 
associated with client 202 and server A 210" (Emphasis added). See Brezak, Paragraph 
0043. In other words, the service ticket in the message 226 appears to be associated with only 
one server, i.e., the server A 210. 

Brezak also describes a second service ticket that is provided by the authentication 
server 206. In particular, Brezak states, "[i]f authentication service 206 determines that server 
A 210 is allowed to delegate to the targeted server/service, then a TGS_REP message 232 is 
sent to server A 210. TGSREP message 232 includes a service ticket for the targeted 
server/service" (Emphasis added). See Brezak, Paragraph 0048. As such, the service ticket 
in the message 232 appears to be associated with a single targeted server, for example, "the 
desired or targeted server/service to which client 202 is seeking access, e.g., server C 214." 
See Brezak, Paragraph 0045. 

In contrast, Claim 1 recites "a common nonce associated with each of the plurality of 
servers". As an initial matter, Applicants submit that the cited portions of Brezak do not 
appear to disclose or suggest a "nonce", as recited in Claim 1 and defined in the present 
specification. Moreover, even if one of the service tickets of Brezak were to be considered a 
nonce, none of the service tickets appear to be associated with a plurality of servers. Rather, 
each of the service tickets described in Brezak appear to be issued by the authentication 
service 206 for use with a single server. More specifically, as noted above, the service ticket 
included in the message 226 is associated with server A 210, while the service ticket included 
in the message 232 is associated with a targeted server, such as server C 214. As such, 
nowhere does Brezak appear to disclose or suggest one service ticket associated with a 
plurality of servers, such as servers A 210, B 212, C 214, and D 216. See Brezak, Figure 2. 
Accordingly, Applicants submit that Brezak does not appear to disclose or suggest "a 
common nonce associated with each of the plurality of servers", as recited by Claim 1. 

Moreover, the Final Action does not appear to rely on Ganesan to disclose or suggest 
such a common nonce. See Final Action, Page 3. Rather, the Final Action relies on Ganesan 
to show that a message, including a ticket to access a server 50, is encrypted/signed and then 
verified to authenticate the client to the server 50. See Ganesan, Col. 5, lines 34-56 and Col. 
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15, lines 52-54. 

Accordingly, the cited portions of Brezak and Ganesan do not appear to disclose or 
suggest "a common nonce associated with each of the plurality of servers", as recited by 
Claim 1 . Thus, Applicants submit that Claim 1 is patentable over the combination of Brezak 
and Ganesan. Claims 26-28, 3 1 , and 32 similarly recite such a common nonce, and are thus 
patentable for similar reasons. Also, dependent claims 2-25 and 29-30 are patentable at least 
per the patentability of Claims 1 and 28 from which they respectively depend. 

In addition, Applicants note that independent Claims 1 , 26, and 27 further recite 
"providing the signed common nonce. ..to the plurality of servers so as to authenticate the 
client to the plurality of servers." The Final Action asserts that Brezak discloses providing a 
common nonce to a plurality of servers at Paragraph 0055, lines 12-14. See Final Action, 
Page 3, lines 1-3. More particularly, the cited portion of Brezak states "[t]he received service 
ticket is then used in a subsequent S4U2proxy protocol/procedure to request a service ticket 
to server C 214 for client 302." See Brezak, Paragraph 0055, lines 12-14. In other words, the 
received service ticket appears to be provided to one server (i.e., server C 214), rather than to 
a plurality of servers. As such, Brezak does not appear to disclose or suggest providing one 
service ticket, signed or otherwise, to "the plurality of servers so as to authenticate the client 
to the plurality of servers", as recited by Claims 1, 26, and 27. Nor does the Final Action rely 
on Ganesan to provide such a recitation. Accordingly, Applicants submit that Claims 1, 26, 
and 27 are also patentable over the combination of Brezak and Ganesan for at least these 
additional reasons. 

Many of the Dependent Claims Are Separately Patentable 

Applicants submit that dependent Claims 2-25 and 29-30 are patentable at least by 
virtue of the patentability of independent Claims 1 and 28 from which they respectively 
depend. Applicants further submit that several other of the dependent claims are also 
separately patentable. For example, Claim 23 recites, in part, "obtaining the common nonce 
from a party trusted by the middle-tier server and the plurality of servers, the common nonce 
being signed by the trusted party." 
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Brezak appears to disclose a trusted third party 204 which provides a service ticket 
included in a message 232 to server A 210. See Brezak, Figure 2. However, as discussed 
above, the service ticket in the message 232 from the trusted third party 204 does not appear 
to be "a common nonce" as recited by Claim 23, as it appears to be associated with only the 
targeted server, rather than with the plurality of servers A-D. See Brezak, Figure 2. As such, 
Brezak does not appear to disclose or suggest "obtaining the common nonce from a party 
trusted by the middle-tier server and the plurality of servers", as recited by Claim 23. 

Moreover, the cited portions of Ganesan also do not appear to disclose or suggest 
obtaining a common nonce from a trusted third party. Accordingly, Applicants submit that 
the combination of Brezak and Ganesan does not disclose or suggest all of the recitations of 
Claim 23. As such, Claim 23 is independently patentable over Brezak and Ganesan for at 
least these reasons. In addition, as Claim 29 similarly recites that "the common nonce is 
provided by a trusted third party", Applicants further submit that Claim 29 is independently 
patentable over the combination of Brezak and Ganesan for at least similar reasons. 



Conclusion 

Accordingly, Applicants submit that the rejections of Claims 1-32 are overcome for at 
least the reasons discussed above, and that the claims are, therefore, in condition for 
allowance, which is respectfully requested. Applicants encourage the Examiner to contact 
the undersigned by telephone to resolve any remaining issues. 

Respectfully submitted, 
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